nodebb-plugin-sso-biogrenci 1.0.0 → 1.0.2

package/.claude/settings.local.json

@@ -0,0 +1,10 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(tree -L 3 -I 'node_modules' /c/Users/kadir/OneDrive/Masaüstü/Projeler/nodebb-plugin-sso-biogrenci/ 2>/dev/null || find /c/Users/kadir/OneDrive/Masaüstü/Projeler/nodebb-plugin-sso-biogrenci -not -path '*/node_modules/*' -type f | sort)",
+      "WebFetch(domain:raw.githubusercontent.com)",
+      "Bash(xargs grep:*)",
+      "WebFetch(domain:biogrenci.com)"
+    ]
+  }
+}

package/library.js

@@ -7,8 +7,11 @@ const user = require.main.require('./src/user');
 const db = require.main.require('./src/database');
 const meta = require.main.require('./src/meta');
 const groups = require.main.require('./src/groups');
+const winston = require.main.require('winston');
 const authenticationController = require.main.require('./src/controllers/authentication');
 
+const LOG_PREFIX = '[sso-biogrenci]';
+
 const constants = {
 	name: 'biogrenci',
 	displayName: "bi'öğrenci",
@@ -25,70 +28,91 @@ const plugin = {
 		clientId: '019ccf3d-0032-70e0-bf69-474e3f4dd2fa',
 		clientSecret: '0bpVolqxVtNGcrZuVWtWjNfKr36EABj8zzj61e6i',
 	},
+	ready: false,
 };
 
 plugin.init = async function (params) {
 	const { router, middleware } = params;
+	winston.info(`${LOG_PREFIX} Initializing plugin...`);
 
 	// Admin settings page
 	router.get('/admin/plugins/sso-biogrenci', middleware.admin.buildHeader, renderAdmin);
 	router.get('/api/admin/plugins/sso-biogrenci', renderAdmin);
+	winston.info(`${LOG_PREFIX} Admin routes registered`);
 
 	// Firsatlar (discounts) page
 	router.get('/firsatlar', middleware.buildHeader, renderFirsatlar);
 	router.get('/api/firsatlar', renderFirsatlar);
+	winston.info(`${LOG_PREFIX} Firsatlar routes registered`);
 
 	// API: fetch opportunities from bi'ogrenci
 	router.get('/api/biogrenci/firsatlar', async (req, res) => {
+		winston.info(`${LOG_PREFIX} GET /api/biogrenci/firsatlar query=%j`, req.query);
 		try {
 			const data = await fetchOpportunities(req.query);
+			winston.info(`${LOG_PREFIX} Firsatlar response: %d items`, data.data ? data.data.length : 0);
 			res.json(data);
 		} catch (err) {
+			winston.error(`${LOG_PREFIX} Firsatlar fetch error: %s`, err.message);
 			res.status(500).json({ error: err.message });
 		}
 	});
 
 	// API: claim an opportunity
 	router.post('/api/biogrenci/firsatlar/:id/claim', async (req, res) => {
+		winston.info(`${LOG_PREFIX} POST claim opportunity id=%s uid=%s`, req.params.id, req.uid);
 		if (!req.uid) {
 			return res.status(401).json({ error: 'Giriş yapmanız gerekiyor' });
 		}
 		try {
 			const accessToken = await db.getObjectField(`biogrenci:uid:${req.uid}`, 'accessToken');
 			if (!accessToken) {
+				winston.warn(`${LOG_PREFIX} No access token for uid=%s`, req.uid);
 				return res.status(403).json({ error: "bi'öğrenci hesabınızla giriş yapmalısınız" });
 			}
-			const response = await fetch(`${constants.partnerAPIBase}/opportunities/${req.params.id}/claim`, {
+			const url = `${constants.partnerAPIBase}/opportunities/${req.params.id}/claim`;
+			winston.info(`${LOG_PREFIX} Claiming: POST %s`, url);
+			const response = await fetch(url, {
 				method: 'POST',
 				headers: { Authorization: `Bearer ${accessToken}` },
 			});
 			const data = await response.json();
+			winston.info(`${LOG_PREFIX} Claim response status=%d data=%j`, response.status, data);
 			res.json(data);
 		} catch (err) {
+			winston.error(`${LOG_PREFIX} Claim error: %s`, err.message);
 			res.status(500).json({ error: err.message });
 		}
 	});
 
 	// Profile: link/unlink bi'öğrenci account
 	router.get('/api/biogrenci/status', async (req, res) => {
+		winston.verbose(`${LOG_PREFIX} GET /api/biogrenci/status uid=%s`, req.uid);
 		if (!req.uid) {
 			return res.json({ linked: false });
 		}
-		const data = await db.getObject(`biogrenci:uid:${req.uid}`);
-		if (data && data.biogrenciId) {
-			const education = await user.getUserField(req.uid, 'biogrenci_education');
-			const verified = await user.getUserField(req.uid, 'biogrenci_verified');
-			return res.json({
-				linked: true,
-				biogrenciId: data.biogrenciId,
-				education: education || null,
-				verified: !!verified,
-			});
+		try {
+			const data = await db.getObject(`biogrenci:uid:${req.uid}`);
+			if (data && data.biogrenciId) {
+				const education = await user.getUserField(req.uid, 'biogrenci_education');
+				const verified = await user.getUserField(req.uid, 'biogrenci_verified');
+				winston.verbose(`${LOG_PREFIX} Status: linked=true verified=%s`, !!verified);
+				return res.json({
+					linked: true,
+					biogrenciId: data.biogrenciId,
+					education: education || null,
+					verified: !!verified,
+				});
+			}
+			res.json({ linked: false });
+		} catch (err) {
+			winston.error(`${LOG_PREFIX} Status error: %s`, err.message);
+			res.json({ linked: false });
 		}
-		res.json({ linked: false });
 	});
 
 	router.post('/api/biogrenci/unlink', async (req, res) => {
+		winston.info(`${LOG_PREFIX} POST /api/biogrenci/unlink uid=%s`, req.uid);
 		if (!req.uid) {
 			return res.status(401).json({ error: 'Giriş yapmanız gerekiyor' });
 		}
@@ -102,25 +126,44 @@ plugin.init = async function (params) {
 			await user.setUserField(req.uid, 'biogrenci_education', '');
 			await user.setUserField(req.uid, 'biogrenci_verified', false);
 			await groups.leave('Doğrulanmış Öğrenciler', req.uid);
+			winston.info(`${LOG_PREFIX} Unlinked uid=%s`, req.uid);
 			res.json({ success: true });
 		} catch (err) {
+			winston.error(`${LOG_PREFIX} Unlink error: %s`, err.message);
 			res.status(500).json({ error: err.message });
 		}
 	});
 
 	// Load settings from DB
-	const settings = await meta.settings.get('sso-biogrenci');
-	if (settings.clientId) plugin.settings.clientId = settings.clientId;
-	if (settings.clientSecret) plugin.settings.clientSecret = settings.clientSecret;
+	try {
+		const settings = await meta.settings.get('sso-biogrenci');
+		winston.info(`${LOG_PREFIX} Loaded settings from DB: clientId=%s clientSecret=%s`,
+			settings.clientId ? settings.clientId.substring(0, 8) + '...' : '(empty)',
+			settings.clientSecret ? '***set***' : '(empty)'
+		);
+		if (settings.clientId) plugin.settings.clientId = settings.clientId;
+		if (settings.clientSecret) plugin.settings.clientSecret = settings.clientSecret;
+	} catch (err) {
+		winston.error(`${LOG_PREFIX} Failed to load settings: %s`, err.message);
+	}
+
+	plugin.ready = true;
+	winston.info(`${LOG_PREFIX} Plugin initialized. clientId=%s`,
+		plugin.settings.clientId ? plugin.settings.clientId.substring(0, 8) + '...' : '(not set)'
+	);
 };
 
 async function renderAdmin(req, res) {
+	const callbackURL = nconf.get('url') + '/auth/biogrenci/callback';
+	winston.verbose(`${LOG_PREFIX} Rendering admin page, callbackURL=%s`, callbackURL);
 	res.render('admin/plugins/sso-biogrenci', {
 		title: "bi'öğrenci SSO",
+		callbackURL: callbackURL,
 	});
 }
 
 async function renderFirsatlar(req, res) {
+	winston.verbose(`${LOG_PREFIX} Rendering firsatlar page, uid=%s`, req.uid);
 	res.render('biogrenci-firsatlar', {
 		title: 'Öğrenci Fırsatları',
 		uid: req.uid || 0,
@@ -137,19 +180,42 @@ async function fetchOpportunities(query) {
 	params.set('page', query.page || 1);
 	params.set('per_page', query.per_page || 20);
 
-	const response = await fetch(`${constants.partnerAPIBase}/opportunities?${params.toString()}`);
+	const url = `${constants.partnerAPIBase}/opportunities?${params.toString()}`;
+	winston.info(`${LOG_PREFIX} Fetching opportunities: GET %s`, url);
+
+	const response = await fetch(url, {
+		headers: {
+			'Accept': 'application/json',
+			'X-Client-Id': plugin.settings.clientId,
+		},
+	});
+
+	winston.info(`${LOG_PREFIX} Partner API response: status=%d`, response.status);
+
 	if (!response.ok) {
+		const body = await response.text();
+		winston.error(`${LOG_PREFIX} Partner API error: status=%d body=%s`, response.status, body);
 		throw new Error(`Partner API error: ${response.status}`);
 	}
-	return response.json();
+
+	const data = await response.json();
+	winston.info(`${LOG_PREFIX} Partner API data keys=%j`, Object.keys(data));
+	return data;
 }
 
 plugin.getStrategy = async function (strategies) {
+	winston.info(`${LOG_PREFIX} getStrategy called. clientId=%s clientSecret=%s`,
+		plugin.settings.clientId ? 'set' : 'NOT SET',
+		plugin.settings.clientSecret ? 'set' : 'NOT SET'
+	);
+
 	if (!plugin.settings.clientId || !plugin.settings.clientSecret) {
+		winston.warn(`${LOG_PREFIX} Missing credentials, skipping strategy registration`);
 		return strategies;
 	}
 
 	const callbackURL = nconf.get('url') + '/auth/biogrenci/callback';
+	winston.info(`${LOG_PREFIX} Registering OAuth2 strategy, callbackURL=%s`, callbackURL);
 
 	const strategy = new OAuth2Strategy(
 		{
@@ -162,19 +228,36 @@ plugin.getStrategy = async function (strategies) {
 			passReqToCallback: true,
 		},
 		async (req, accessToken, refreshToken, params, profile, done) => {
+			winston.info(`${LOG_PREFIX} OAuth2 callback received. accessToken=%s refreshToken=%s`,
+				accessToken ? accessToken.substring(0, 10) + '...' : 'none',
+				refreshToken ? 'set' : 'none'
+			);
 			try {
 				// Fetch user info from bi'ogrenci
+				winston.info(`${LOG_PREFIX} Fetching userinfo from %s`, constants.userInfoURL);
 				const response = await fetch(constants.userInfoURL, {
 					headers: { Authorization: `Bearer ${accessToken}` },
 				});
 
+				winston.info(`${LOG_PREFIX} Userinfo response status=%d`, response.status);
+
 				if (!response.ok) {
+					const body = await response.text();
+					winston.error(`${LOG_PREFIX} Userinfo error: %s`, body);
 					return done(new Error('Kullanıcı bilgisi alınamadı'));
 				}
 
 				const biogrenciUser = await response.json();
+				winston.info(`${LOG_PREFIX} Userinfo: sub=%s email=%s name=%s verified=%s`,
+					biogrenciUser.sub,
+					biogrenciUser.email,
+					biogrenciUser.name || biogrenciUser.first_name,
+					biogrenciUser.student_verified
+				);
 
 				const handleUser = async function (uid) {
+					winston.info(`${LOG_PREFIX} handleUser uid=%s biogrenciId=%s`, uid, biogrenciUser.sub);
+
 					// Store access/refresh tokens
 					await db.setObject(`biogrenci:uid:${uid}`, {
 						accessToken,
@@ -189,14 +272,13 @@ plugin.getStrategy = async function (strategies) {
 							.filter(Boolean)
 							.join(' - ');
 						await user.setUserField(uid, 'biogrenci_education', eduString);
+						winston.info(`${LOG_PREFIX} Saved education: %s`, eduString);
 					}
 
 					if (biogrenciUser.student_verified) {
 						await user.setUserField(uid, 'biogrenci_verified', true);
-					}
 
-					// Add verified students to a group
-					if (biogrenciUser.student_verified) {
+						// Add verified students to a group
 						const groupExists = await groups.exists('Doğrulanmış Öğrenciler');
 						if (!groupExists) {
 							await groups.create({
@@ -206,8 +288,10 @@ plugin.getStrategy = async function (strategies) {
 								private: 1,
 								disableJoinRequests: 1,
 							});
+							winston.info(`${LOG_PREFIX} Created "Doğrulanmış Öğrenciler" group`);
 						}
 						await groups.join('Doğrulanmış Öğrenciler', uid);
+						winston.info(`${LOG_PREFIX} User uid=%s added to verified group`, uid);
 					}
 
 					done(null, uid);
@@ -216,11 +300,13 @@ plugin.getStrategy = async function (strategies) {
 				// Check if user already linked
 				const existingUid = await plugin.getUidByBiogrenciId(biogrenciUser.sub);
 				if (existingUid) {
+					winston.info(`${LOG_PREFIX} Found existing linked user uid=%s`, existingUid);
 					return handleUser(existingUid);
 				}
 
 				// Check if logged-in user wants to link account
 				if (req.uid) {
+					winston.info(`${LOG_PREFIX} Linking to logged-in user uid=%s`, req.uid);
 					await plugin.linkAccount(req.uid, biogrenciUser.sub);
 					return handleUser(req.uid);
 				}
@@ -229,30 +315,39 @@ plugin.getStrategy = async function (strategies) {
 				if (biogrenciUser.email) {
 					const existingEmailUid = await user.getUidByEmail(biogrenciUser.email);
 					if (existingEmailUid) {
+						winston.info(`${LOG_PREFIX} Found user by email uid=%s`, existingEmailUid);
 						await plugin.linkAccount(existingEmailUid, biogrenciUser.sub);
 						return handleUser(existingEmailUid);
 					}
 				}
 
 				// Create new user
+				const username = biogrenciUser.first_name
+					? `${biogrenciUser.first_name}${biogrenciUser.last_name ? '_' + biogrenciUser.last_name : ''}`
+					: `biogrenci_${biogrenciUser.sub}`;
+
+				winston.info(`${LOG_PREFIX} Creating new user: username=%s email=%s`, username, biogrenciUser.email);
+
 				const newUid = await user.create({
-					username: biogrenciUser.first_name
-						? `${biogrenciUser.first_name}${biogrenciUser.last_name ? '_' + biogrenciUser.last_name : ''}`
-						: `biogrenci_${biogrenciUser.sub}`,
+					username: username,
 					email: biogrenciUser.email || undefined,
 					fullname: biogrenciUser.name || undefined,
 				});
 
+				winston.info(`${LOG_PREFIX} Created user uid=%s`, newUid);
+
 				await plugin.linkAccount(newUid, biogrenciUser.sub);
 
 				// Set avatar if available
 				if (biogrenciUser.avatar) {
 					await user.setUserField(newUid, 'picture', biogrenciUser.avatar);
 					await user.setUserField(newUid, 'uploadedpicture', biogrenciUser.avatar);
+					winston.info(`${LOG_PREFIX} Set avatar for uid=%s`, newUid);
 				}
 
 				handleUser(newUid);
 			} catch (err) {
+				winston.error(`${LOG_PREFIX} OAuth2 callback error: %s\n%s`, err.message, err.stack);
 				done(err);
 			}
 		},
@@ -263,6 +358,7 @@ plugin.getStrategy = async function (strategies) {
 	};
 
 	passport.use(constants.name, strategy);
+	winston.info(`${LOG_PREFIX} Passport strategy "%s" registered`, constants.name);
 
 	strategies.push({
 		name: constants.name,
@@ -274,15 +370,21 @@ plugin.getStrategy = async function (strategies) {
 		scope: constants.scope,
 	});
 
+	winston.info(`${LOG_PREFIX} Strategy added to list. Total strategies: %d`, strategies.length);
 	return strategies;
 };
 
 plugin.listStrategy = async function (strategies) {
-	strategies.push({
-		name: constants.name,
-		displayName: constants.displayName,
-		icon: constants.icon,
-	});
+	if (plugin.settings.clientId && plugin.settings.clientSecret) {
+		strategies.push({
+			name: constants.name,
+			displayName: constants.displayName,
+			icon: constants.icon,
+		});
+		winston.verbose(`${LOG_PREFIX} listStrategy: added to list`);
+	} else {
+		winston.warn(`${LOG_PREFIX} listStrategy: skipped, no credentials`);
+	}
 	return strategies;
 };
 
@@ -315,6 +417,7 @@ plugin.addCustomFields = async function (data) {
 };
 
 plugin.linkAccount = async function (uid, biogrenciId) {
+	winston.info(`${LOG_PREFIX} Linking uid=%s to biogrenciId=%s`, uid, biogrenciId);
 	await db.setObjectField('biogrenci:id', biogrenciId, uid);
 	await db.setObjectField(`user:${uid}:biogrenci`, 'biogrenciId', biogrenciId);
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nodebb-plugin-sso-biogrenci",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "bi'öğrenci OAuth2 SSO login & öğrenci indirimleri for NodeBB",
   "main": "library.js",
   "keywords": [
@@ -11,10 +11,10 @@
     "oauth2"
   ],
   "nbbpm": {
-    "compatibility": "^3.2.0"
+    "compatibility": "^3.2.0 || ^4.0.0"
   },
   "dependencies": {
     "passport-oauth2": "^1.8.0"
   },
   "license": "MIT"
-}
+}

package/plugin.json

@@ -6,6 +6,11 @@
     "static": "./static"
   },
   "less": ["static/style.less"],
+  "modules": {
+    "../admin/plugins/sso-biogrenci.js": "static/lib/admin.js",
+    "../client/biogrenci-firsatlar.js": "static/lib/biogrenci-firsatlar.js",
+    "../client/account/biogrenci.js": "static/lib/account-biogrenci.js"
+  },
   "hooks": [
     { "hook": "filter:auth.init", "method": "getStrategy" },
     { "hook": "filter:auth.list", "method": "listStrategy" },

package/static/lib/account-biogrenci.js

@@ -0,0 +1,72 @@
+'use strict';
+
+define('forum/account/biogrenci', ['alerts'], function (alerts) {
+	var AccountPage = {};
+
+	AccountPage.init = function () {
+		loadStatus();
+	};
+
+	function loadStatus() {
+		fetch(config.relative_path + '/api/biogrenci/status')
+			.then(function (r) { return r.json(); })
+			.then(function (data) {
+				var $el = $('#biogrenci-status');
+				if (data.linked) {
+					$el.html(
+						'<div class="biogrenci-linked">' +
+							'<div class="biogrenci-linked-badge">' +
+								'<i class="fa fa-check-circle"></i> Hesap Bağlı' +
+							'</div>' +
+							(data.verified
+								? '<div class="biogrenci-verified-badge"><i class="fa fa-shield"></i> Doğrulanmış Öğrenci</div>'
+								: '') +
+							(data.education
+								? '<div class="biogrenci-education"><i class="fa fa-university"></i> ' + data.education + '</div>'
+								: '') +
+							'<hr/>' +
+							'<button id="biogrenci-unlink" class="btn btn-danger btn-sm">' +
+								'<i class="fa fa-unlink"></i> Bağlantıyı Kaldır' +
+							'</button>' +
+						'</div>'
+					);
+
+					$('#biogrenci-unlink').on('click', unlinkAccount);
+				} else {
+					$el.html(
+						'<div class="biogrenci-not-linked">' +
+							'<p>bi\'öğrenci hesabınız henüz bağlı değil.</p>' +
+							'<p class="text-muted">Hesabınızı bağlayarak öğrenci doğrulaması yapabilir ve fırsatlardan yararlanabilirsiniz.</p>' +
+							'<a href="' + config.relative_path + '/auth/biogrenci" class="btn btn-primary">' +
+								'<i class="fa fa-graduation-cap"></i> bi\'öğrenci Hesabını Bağla' +
+							'</a>' +
+						'</div>'
+					);
+				}
+			});
+	}
+
+	function unlinkAccount() {
+		bootbox.confirm("bi'öğrenci hesap bağlantısını kaldırmak istediğinize emin misiniz?", function (ok) {
+			if (!ok) return;
+			fetch(config.relative_path + '/api/biogrenci/unlink', {
+				method: 'POST',
+				headers: {
+					'x-csrf-token': config.csrf_token,
+					'Content-Type': 'application/json',
+				},
+			})
+				.then(function (r) { return r.json(); })
+				.then(function (res) {
+					if (res.success) {
+						alerts.success("bi'öğrenci bağlantısı kaldırıldı");
+						loadStatus();
+					} else {
+						alerts.error(res.error || 'Bir hata oluştu');
+					}
+				});
+		});
+	}
+
+	return AccountPage;
+});

package/static/lib/admin.js

@@ -0,0 +1,44 @@
+'use strict';
+
+define('admin/plugins/sso-biogrenci', ['settings'], function (Settings) {
+	var ACP = {};
+
+	ACP.init = function () {
+		console.log('[sso-biogrenci] Admin page init');
+
+		var $form = $('.sso-biogrenci-settings');
+		console.log('[sso-biogrenci] Form element found:', $form.length > 0);
+		console.log('[sso-biogrenci] Form inputs:', $form.find('input').length);
+
+		Settings.load('sso-biogrenci', $form, function () {
+			console.log('[sso-biogrenci] Settings loaded from DB');
+			console.log('[sso-biogrenci] clientId value:', $('#clientId').val() ? 'set (' + $('#clientId').val().substring(0, 8) + '...)' : '(empty)');
+			console.log('[sso-biogrenci] clientSecret value:', $('#clientSecret').val() ? 'set (hidden)' : '(empty)');
+		});
+
+		$('#save').on('click', function () {
+			console.log('[sso-biogrenci] Save clicked');
+			console.log('[sso-biogrenci] Saving clientId:', $('#clientId').val() ? 'set' : '(empty)');
+			console.log('[sso-biogrenci] Saving clientSecret:', $('#clientSecret').val() ? 'set' : '(empty)');
+
+			Settings.save('sso-biogrenci', $form, function () {
+				console.log('[sso-biogrenci] Settings saved successfully');
+				app.alertSuccess('Ayarlar kaydedildi!');
+			});
+		});
+
+		$('#toggleSecret').on('click', function () {
+			var $input = $('#clientSecret');
+			var $icon = $(this).find('i');
+			if ($input.attr('type') === 'password') {
+				$input.attr('type', 'text');
+				$icon.removeClass('fa-eye').addClass('fa-eye-slash');
+			} else {
+				$input.attr('type', 'password');
+				$icon.removeClass('fa-eye-slash').addClass('fa-eye');
+			}
+		});
+	};
+
+	return ACP;
+});